Closed Bug 173872 Opened 22 years ago Closed 22 years ago

certutil's default serial numbers should increase monotonically

Categories

(NSS :: Tools, defect, P1)

Product:
NSS
Component:
Tools
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: nelson, Assigned: nelson)

References

(
URL
)

Details

Attachments

(1 file)

numerous changes to serial number handling
4.85 KB, patch
Details | Diff | Splinter Review 
There is an O'Reilly book named "Creating applications with mozilla".
The text of that book also may be found online at http://books.mozdev.org/

Chapter 12 of that book, http://books.mozdev.org/chapters/ch12.html#77080
contains instructions on how to operate a CA using certutil.  

The instructions do not use certutil's -m option to set the serial number 
in the generated cert explicitly.  Instead, they rely on certutil's 
default source of serial numbers to generate serial numbers.  

Certutil's default source of serial numbers is the low-order 32 bits in
the value of PR_Now, which IIRC is the number of microseconds elapsed since
midnight, Jan 1, 1970, UTC.    The low order 32 bits of any microsecond 
value wrap around every 71.58 minutes.  On systems where PR_Now has no more 
than than 1000 unique values per second, the probability of duplicate serial 
numbers is too high, IMO.

So, I propose to change certutil's default source of serial numbers to
(PRUInt32)(PR_Now >> 19), which has a resolution of about 1/2 second, and
wraps around about once every 71 years.  Hopefully after that long, no-one 
will still be using certutil as a CA.

Here's the proposed patch to certutil.c

        /*  Make a default serial number from the current time.  */
        PRTime now = PR_Now();
+       LL_USHR(now, now, 19);
        serialNumber = LL_L2UI(serialNumber, now);

Barring objections, I will check this change in soon.
Marking P1 for 3.7 because of the potential NSS support burden.
Priority: -- → P1
Target Milestone: --- → 3.7
I have one concern about the proposed fix.  
On some fast systems, if a script is running certutil repeatedly, issuing
certs from the same CA (same issuer name), it may be possible for certutil
to issue two certs within the same approx 1/2 second time interval, 
resulting in two certs with the same serial number.  

Just by running our cert.sh test script on my old 733 Mhz PC, I have found 
certs being issued with serial numbers only 2 apart.  

Unfortunately I think the only good solution is to stop trying to create
certs with 32-bit serial numbers, and go to 64 bit serial numbers.
Status: NEW → ASSIGNED
This patch makes several changes to certutil.
1. All veriables that hold serial numbers are changed from int to unsigned.
2. If no serial number option is given on the command line, the serial number
is taken from PR_Now >> 19

This patch also makes some other changes.
3. Fixes bug 1746549 with a one line change, adding a \n
4. removes some unused variables
5. removes some very old code that was #ifndef NSPR20
I have checked in this patch.  
Although all.sh passes on my machine, it might fail on a very fast machine,
for the reasons explained above.  I will watch tinderbox.  
QA passed list night on all platforms.  Marking fixed.
If we get reports of certutil issuing certs with duplicate serial numbers,
the shift factor will have to be reduced.
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: